Kerberos Setup


  1. Install Kerberos Packages:

#yum install krb5-server pam_krb5 krb5-workstation

2. Open /etc/krb5.conf – uncomment “realms”, “domain_realms” sections and edit with your own server and domains.

3. Open /var/Kerberos/krb5kdc/kadm5.acl – update domain.

4. Create Kerberos database

#kdb5_util create -r -s “domain”

#systemctl krb5kdc kadmin

#firewall-cmd –add-service=Kerberos –permanent

#firewall-cmd –add-port=749/tcp –permanent

#firewall-cmd –reload

#authconfig –enablekrb5 –update

5. Create Admin principal.


#addprinc root/admin

6. Create Test user and add to Kerberos

#useradd test


#addprinc test

7. Add KDC hostname to the Kerberos database.

#addprinc -randkey host/

8. Create /etc/krb5.keytab

#ktadd host/

Login into client machine and do the following:

  1. Install Kerberos packages

#yum install krb5-workstation pam_krb5

2. Update /etc/krb5.conf

3. Create test user

#useradd test

4. Add this host to kerberos


#addprinc -randkey host/

#ktadd host/




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s